presentation - manage you deployments with the image packaging system and the automated installer

1 Copyright 2011, Oracle and/or its affiliates. All rights

reserved.

Manage You Deployments With The Image Packaging System And The Automated Installer

David Miner

Senior Principal Software Engineer, Solaris

Oracle Solaris 11


reserved.


reserved.

The following is intended to outline our general product direction. It is intended

for information purposes only, and may not be incorporated into any contract. It

is not a commitment to deliver any material, code, or functionality, and should

not be relied upon in making purchasing decisions. The development, release,

and timing of any features or functionality described for Oracle s productsremains at the sole discretion of Oracle.


reserved.

Agenda

Requirements and Ideas

Updates & Upgrades

Boot Environments

SRUs

Deploying at Scale

IPS Repository Mirrors

Automated Installer

System Configuration

Zones

Additional Transition Tools and Resources


reserved.

Requirements and Big Ideas - Packaging

Updates & upgrades must be fast, reliable, reversible

Updates should be package updates, not patches

Packages dependencies should be handled automatically

Packages should be network-based

Image minimization should be easy

Seamless integration with Zones is required

Deliver practically identical experience

on SPARC, x86

Plan

Deploy

Test

Use

Maintain

Update


reserved.

Requirements and Big Ideas - Install

Low initial investment, great scalability for deployment

Ease-of-use is a priority for all features

Deployment must be well-integrated with best practices,

overall user experience

Limit install-specific features, knowledge

Integrated deployment of Zones is required

Leverage existing Solaris strengths

Plan

Deploy

Test

Use

Maintain

Update


reserved.

Value-engineering in Installation, Configuration

Simplified architecture

+ Improved automation

+ Improved safety

+ Improved flexibility

+ Improved integration

= Better user experience

No longer a sum of independent parts

On a Large Scale


reserved.

Rosetta Stone for Oracle Solaris 10 Users

Oracle Solaris 10 Oracle Solaris 11

SVR4 Packages IPS Packages

Install DVD Install CD + pkg repository

Live Upgrade Boot Environments

Upgrade from installer pkg(1), Update Manager

JumpStart Automated Installer (AI)

JumpStart Profiles AI manifests

Blueprints for custom DVD's Distribution Constructor


reserved.

Agenda


Updates & Upgrades

Boot Environments

SRUs

Deploying at Scale


Automated Installer


Zones



reserved.

Safe Upgrades in a snap

ZFS Boot Environments Benefits

No initial investment

Updates are applied to a file system clone, no

interruption

Reboot into upgraded environment when youre ready

Trivial roll-back if failure occurs

Integrated, enforced best practice for safety

Fast reboot reduces maintenance windows

Excellent for recovery purposes

Active BE

Active BE

New BE

Active BE

Updated BE


reserved.

Boot Environments

Make updates safe, reliable, recoverable

Different from/simpler than Solaris 10 Live Upgrade

Takes advantage of ZFS

Use liberally as an administrative safety net

Managed by beadm(1M), functionality includes:

List

Activate, Rename

Create, Destroy

Mount, Unmount


reserved.

beadm(1) Utility

Create a new boot environment based on the active boot environment Create a new boot environment based on an inactive boot environment Create a snapshot of an existing boot environment Create a new boot environment based on an existing snapshot Create a new boot environment, and copy it to a different zpool Create a new boot environment and add a custom title to the

x86 GRUB menu or the SPARC boot menu

Activate an existing, inactive boot environment Mount a boot environment Unmount a boot environment Destroy a boot environment Destroy a snapshot of a boot environment Rename an existing, inactive boot environment Display information about your boot environment snapshots and datasets


reserved.

Listing Boot Environments{badboy} beadm list

BE Active Mountpoint Space Policy Created

-- ------ ---------- ----- ------ -------

b-140 - - 11.51M static 2010-05-26 12:47

b-141 - - 11.98M static 2010-06-10 15:40

b-142 - - 10.14M static 2010-06-24 08:05

b-143 - - 13.85M static 2010-07-12 09:47

b-144 - - 1.48G static 2010-07-22 12:09

b-145 - - 14.64M static 2010-08-03 22:23

b-146 - - 10.43M static 2010-08-20 15:31

b-147 - - 12.29M static 2010-09-06 19:28

b-148 - - 13.11M static 2010-09-23 17:05

b-149 - - 14.49M static 2010-09-30 18:53

b-150 - - 11.83M static 2010-10-15 10:32

b-151 - - 130.94M static 2010-11-15 10:10

b-152 NR / 56.03G static 2010-11-17 16:32


reserved.

More Fun with beadm{badboy} beadm activate b-151

{badboy} beadm mount b-151 /tmp/mnt

{badboy} beadm list

BE Active Mountpoint Space Policy Created

-- ------ ---------- ----- ------ -------

b-140 - - 11.51M static 2010-05-26 12:47

b-141 - - 11.98M static 2010-06-10 15:40

b-142 - - 10.14M static 2010-06-24 08:05

b-143 - - 13.85M static 2010-07-12 09:47

b-144 - - 1.48G static 2010-07-22 12:09

b-145 - - 14.64M static 2010-08-03 22:23

b-146 - - 10.43M static 2010-08-20 15:31

b-147 - - 12.29M static 2010-09-06 19:28

b-148 - - 13.11M static 2010-09-23 17:05

b-149 - - 14.49M static 2010-09-30 18:53

b-150 - - 11.83M static 2010-10-15 10:32

b-151 R /tmp/mnt 53.82G static 2010-11-15 10:10

b-152 N / 1.71G static 2010-11-17 16:32


reserved.

Live Upgrade -> Boot Environments

Oracle Solaris 10 Oracle Solaris 11 Description

lucreate n newBE beadm create newBE Create a new BE

lustatus beadm list Display BE info

luactivate newBE beadm activate newBE Activate a BE

ludelete BE beadm destroy BE Destroy an inactive BE

luupgrade or patchadd pkg update Upgrade or update a BE


reserved.

pkg(1)

To install an individual package:pkg install communication/im/pidgin

To check for individual updates:pkg info r communication/im/pidgin

To update an individual package:pkg update communication/im/pidgin

Test Run an image update:pkg update nv

Update (all packages, or the complete image):pkg update


reserved.

Oracle Solaris 11 Lifecycle ManagementImproved updates with IPS

4X Faster upgrades typical

Create ZFS boot environment to safely apply updates

Full dependency check of packages, crypto verified, auditable

Reboot updated ZFS boot environment

New Security

Patch

6:00: pkg update

6:00-6:02: Dependency checks,

patch/update planning

6:02-6:04: New boot environment created,

updates downloaded and applied6:04-6:06: reboot

up and running again

Maintenance window: 6-7pm


reserved.

Boot Environments in Non-global Zones

BE's automatically include installed/attached zones

Zone BE is linked to a global zone BE

Multiple zone BE's can be linked to a single

global zone BE

Zone administrator can create, mount, activate BE's

Active BE is within the context of the active global zone BE


reserved.

Agenda


Updates & Upgrades

Boot Environments

SRUs

Deploying at Scale


Automated Installer


Zones



reserved.

Maintenance Updates for Oracle Solaris 11

Oracle customers with an active Oracle support plan have

access to the support package repository

Register for the support repository at

http://pkg-register.oracle.com

SRU = Support Repository Update

Future Oracle Solaris 11 Releases

will be available in the support repository or a release

repository that provides the currently available OS


reserved.

Agenda


Updates & Upgrades

Boot Environments

SRUs

Deploying at Scale


Automated Installer


Zones



reserved.

Local IPS Repositories

Reasons for a local package repository

Security and Performance

Consistency and Replication

Custom Packages

Two Types of Repositories:

Origin Mirror


reserved.

Create a Local IPS Repositories

Copy From Internet: pkgrepo create /export/repoSolaris11

pkgrecv -s http://pkg.oracle.com/solaris11/release/ -d /export/repoSolaris11 '*

Copy From File: Get file, and unzip and cat (if necessary)

lofiadm -a /export/repo2010_11/ sol-11-repo-full.iso

mount -F hsfs /dev/lofi/1 /mnt

rsync -aP /mnt/repo /export/repoSolaris11 or

cd /mnt/repo; tar cf - . | (cd /export/repoSolaris11; tar xfp -)

umount /mnt

lofiadm -d /dev/lofi/1


reserved.

Agenda


Updates & Upgrades

Boot Environments

SRUs

Deploying at Scale


Automated Installer


Zones



reserved.

Automated Installation (AI)

Reduce initial and ongoing costs of deploying Solaris-

based software stack

Leverages ZFS, SMF, IPS features to provide enhanced

features vs. JumpStart

Reduces need for third-party or customer-developed extensions

Most scripting moved to first-boot SMF services

Integrated, seamless Zones deployment

WAN-capable design provides operational flexibility

Designed to be manageable and observable

installadm(1M) provides one-stop management interface


reserved.

AI Terminology

Client physical or virtual machine to be installed

Manifest XML specification of installation (storage layout, software payload)

Profile SMF profile to pre-configure system services

Service server infrastructure needed to network boot an installation client

Criteria mapping of clients to services, manifests and profiles

Repository IPS package repository

Bootable AI - service-less AI boot from media

Manifest included on media or downloaded from network location


reserved.

Basic Flow of Automated Installation


reserved.

Static Manifests

Default manifest provided with service

Installs solaris-large-server package set from Oracle's Solaris

repository to firmware-designated boot disk

Sysconfig invoked automatically at first boot to interactively configure

basic system

Manifest specifies:

Package repositories and lists; major group packages: solaris-small-

server, solaris-large-server, solaris-desktop

Target disk: choose by device path, volume id, type, vendor, size,

container/receptacle/occupant (CRO) label; ZFS configuration

Locales are installed/removed using package facets; all locales are

installed by default


reserved.

Derived Manifests

Dynamically generate manifest in a script

Scales AI management by reducing number of manifests

maintained by administrators

Most effective model is to load template manifest, modify

specific elements

Script uses the aimanifest(1M) command as interface

to generate AI manifest

Generated manifest located on the client at:

/system/volatile/manifest.xml


reserved.

Agenda


Updates & Upgrades

Boot Environments

SRUs

Deploying at Scale


Automated Installer


Zones



reserved.

New System Configuration Framework & UI

Replaces sysidtool/sysidcfg/sys-unconfig

sysconfig(1m) interactive UI

configure, unconfigure, create-profile subcommands

Interactive tool provides basic, required system

configuration. UI similar to Text Installer.

Profiles can configure any SMF service property

sysconfig unconfigure reverts the properties

configured by the interactive UI to shipped defaults

--destructive option requests more complete cleanup, e.g.

deleting initial user account's home directory


reserved.

System Configuration Profiles

Common parameters available in Oracle Solaris 11:

User account, including RBAC roles, profiles and sudo

Root user: password, role/normal

Timezone, locale

Hostname

Console terminal type, keyboard layout

IPv4 and/or IPv6 interface, default route

DNS, NIS, LDAP clients

Name service switch


reserved.

Creating a Configuration Profile with sysconfig

Easiest starting point

# sysconfig create-profile -o myprofile.xml

Runs the sysconfig UI, places output into specified profile

Edit further to add properties not configured by sysconfig


reserved.

Agenda


Updates & Upgrades

Boot Environments

SRUs

Deploying at Scale


Automated Installer


Zones



reserved.

Deploying Zones with AI

Zones can be specified in the AI manifest

config file is the zone's configuration file as output

from zonecfg export

Automatically installed on first boot of the global zone

svc:/system/zones-install:default


reserved.

Deploying Zones with AI (2)

Use zonename criterion to associate manifests and

profiles with a zone# installadm create-manifest -n S11-x86 -f /tmp/zmanifest.xml

-c zonename=zone1 zone2

# installadm create-profile -n S11-x86 -f /tmp/zprofile1.xml

-c zonename=zone1

# installadm create-profile -n S11-x86 -f /tmp/zprofile2.xml

-c zonename=zone2


reserved.

Deploying Zones with AI (3)

AI is also used when installing non-global zones from

existing global zone

Default manifest is

/usr/share/auto_install/manifest/zone_default.xml

Default profile enables interactive system

configuration during first boot

Provide alternate manifest and/or profile with# zoneadm -z install -m -c


reserved.

Agenda


Updates & Upgrades

Boot Environments

SRUs

Deploying at Scale


Automated Installer


Zones



reserved.

JumpStart to AI Mapping

JumpStart Automated Installation

setup_install_server installadm create-service

add_install_client installadm create-client

JumpStart profile & rules AI manifest & criteria

sysidcfg file SMF configuration profile

Begin script Derived Manifests, custom images from Distribution Constructor

Finish script pkg actions, First-boot SMF services


reserved.

Steps to Convert from Solaris 10 JumpStart

Deploy S11 server instance to host AI service

Use as JumpStart server as well

Translate rules to criteria

Translate profiles to manifests

Translate sysidcfg to SMF profile

Publish manifests and profiles to AI service

Convert finish scripts to SMF service(s)

Publish SMF service package to IPS repository


reserved.

js2ai JumpStart to AI translation tool

Automatically converts existing JumpStart rules,

profiles, sysidcfg files to AI equivalents

Conversion is best-effort, with instructions on issues

that need manual resolution

Result is a directory hierarchy with AI profiles, system

config manifests, log of the tool's actions

See js2ai(1m)


reserved.

Distribution Constructor (DC)

Tool to easily construct installation images and virtual

machine images

Used by Solaris engineering to build the product

Use DC to build AI (or interactive install) images

customized with additional drivers or services

XML manifest (similar to AI) specifies construction

Checkpoint/resume feature nicely leverages ZFS!

Fully extensible plug your own customizations into build process

See distro_const(1M) for more information


reserved.

Building and Using a Custom AI Boot Image

Install Distribution Constructor pkg install distribution-constructor

Copy base AI image manifest, customize

Basic SPARC manifest at/usr/share/distro_const/auto_install/ai_sparc_image.xml

Build the image: distro_const build my_ai_image.xml

Deploy to AI service:

installadm create-service ...


reserved.

Technical Article Available

How To Create a Customized Oracle Solaris 11 Image Using the Distribution Constructor

http://www.oracle.com/technetwork/articles/servers-storage-admin/o11-

087-sol11-dist-const-496819.html


reserved.

Transitioning From Oracle Solaris 10 JumpStart to Oracle Solaris 11 Automated Installer

http://docs.oracle.com/cd/E23824_01/html/E21799/index.html

Documentation Available


reserved.

Technical Article Available

How to Perform System Archival and Recovery Procedures with Oracle Solaris 11

http://www.oracle.com/technetwork/articles/servers-storage-admin/o11-

091-sol-dis-recovery-489183.html


reserved.

Summary


reserved.

Simplified Administration, Service Provisioning


reserved.

Summary

Oracle Solaris 11 deployment is different from Solaris 10

Little required customization work to start deploying

Powerful, stable, supported capabilities for those who need to

customize

Transition documentation, tools are provided

Feature set will expand & evolve

Boot Environments allow for fast, efficient, and fool-

proof software upgrades


reserved.

For More Information / Try Out Today

Product overview and download

oracle.com/solaris

Oracle Technology Network

oracle.com/technetwork/server-storage/solaris11

System administrators community

oracle.com/technetwork/systems

@ORCL_Solaris

facebook.com/oraclesolaris

Oracle Solaris Insider

49


reserved.


reserved.

One Installation Engine; Three Installers

Each with its own features and capabilities

Each delivering its own benefits for specific needs

Interactive

Live Media Desktop, GUI tools

Text Installer Headless servers

Automated

Automated Installer Large-scale deployments

Distribution Constructor lets you build your own

installation media, behaving like any of these categories


reserved.

Two types of interactive installers

1 - Text-based UI for server systems (SPARC & x86)

2 - GUI for x86 desktop/laptop systems

Principle: Install fixed software payload with basic

configuration, customize after installation

GUI installs desktop/laptop-appropriate software(solaris-desktop group package), automatic network configuration

Text installer installs server-appropriate software(solaris-large-server group package), choice of automatic or

manual network & name service configuration

Both provide configuration of initial user account, with

administrative privileges via sudo


reserved.

Two types of interactive installers

Text-based Install

Live Media GUI Install

presentation - manage you deployments with the image packaging system and the automated installer

Documents

oracle andor

resources4 copyright

resources9 copyright

oracle s productsremains

sole discretion of oracle

large scale7 copyright

reversible updates

initial investment updates